PITTSBURGH (AP) - Security experts warned Monday of
a new software vulnerability that could allow vandals to disrupt portions of
the Internet by redirecting Web and e-mail traffic.

The CERT Coordination Center, the government-funded computer
emergency response team at Carnegie Mellon University, said the vulnerability
was in BIND software, a key part of computers that direct traffic on the Net.

The flaw was discovered earlier this month, and a fix was
made available Jan. 17 by BIND's creator, the nonprofit Internet Software Consortium
of Redwood City, Calif. CERT advised BIND users Monday to install the fix quickly.

BIND is used in computers, known as domain name servers,
that function as the Internet's phone books. Typing in a domain name such as
Yahoo.com prompts a server to contact Yahoo's computers.

If left uncorrected, the flaw could allow an intruder to
change those directories.

"Your e-mail could be routed to the wrong place," said
Shawn Hernan, a CERT security analyst. "Web addresses could be routed to the
wrong place. You could type in www.myfavorite-place.com and be directed to a
porn site, or worse, something that looks a lot like the site you expect to
find."

BIND, or Berkeley Internet Name Domain, is used on about
90% of domain name servers in the United States, said Jeff Carpenter, the center's
manager.

"BIND is a favorite target of intruders," Hernan said,
"and they will develop ways to exploit this quickly - in a matter of days
or weeks."

Hernan called it "among the most serious classes of vulnerability
to affect the Internet."

Bill Pollak, a CERT spokesman, said the center knew of
no hacking through the most recently identified weakness.

Although weaknesses in BIND have been identified before,
this threat appears more serious because the program has been installed on many
more machines since then, said David Conrad, the chief technology officer at
Nominum, the company that was hired by BIND's creators to close the gap.

There are tens of thousands of domain name servers around
the world. Each one may serve 10,000 to 20,000 Internet users, so only portions
of the Internet would be affected by a single attack.

The Internet also has 13 master directories, called root
servers, which tell domain name servers where to get updated information. Those
computers, located in the United States, Tokyo, Stockholm and London, also use
BIND software, said Brian O'Shaughnessy, a spokesman for VeriSign, which runs
some of the root servers for the U.S. government.

In an extreme case, hackers could change settings at
those root servers and redirect all dot-com traffic.

Without BIND, Internet users would have to remember lengthy
strings of numbers to surf the Web or send e-mail.

"It's the white pages for the Internet," said Cricket Liu,
an Internet expert and co-author of the book DNS and BIND.

Just last week, a technician's error and a hacking attack
involving Microsoft's servers cut off the company's sites to the world for portions
of four days. CERT officials do not believe those problems are related to the
latest BIND weakness, but Hernan said they demonstrate the importance of the
name servers.

PGP Security of Santa Clara, Calif., had been poking around
to see where the BIND software might be weak and told CERT that two early versions
could be vulnerable.

"We have seen large organizations that are not up to date.
They are not necessarily immune," Carpenter said.

CERT's Hernan said managers of high-security sites, such
as those in the military, already have fixed the problem.

Copyright 2001 Associated Press. All rights reserved. This
material may not be published, broadcast, rewritten or redistributed.